Install Mailpile on Ubuntu with nginx as reverse proxy.

Introduction

In this tutorial, we will install Mailpile, a fast, secure, and beautiful webmail client, on Ubuntu.

A webmail client like Mailpile is a great way to ensure you can access your email from anywhere without the hassle of configuring a standard email client. Mailpile is just a mail client, meaning it only manages existing mail accounts.

Please keep in mind throughout this tutorial that Mailpile is still in beta, which means you may encounter bugs and other difficulties along the way.

Prerequisites

Before we get started, we’ll need a few things:

A domain name

If you have a domain ready, create an A record to point to your Droplet (ex. mailpile.example.com).

Ubuntu VPS, any version should work, but 16.04 preferred.

Make a note of your SSL certificate and key locations. Which might look like this (I couldn’t get LetsEncrypt to work, so I’m using PositiveSSL from Comodo, feel free to use StarSSL which is free):

/etc/nginx/ssl/nginx.crt

/etc/nginx/ssl/nginx.key

That’s it! If you have everything all ready to go, proceed to the first step.

Step 1 — Downloading Mailpile

In this section we will prepare our working environment for the Mailpile installation.

First we need to log into our Droplet. If you haven’t used SSH before, see this tutorial on SSH. Make sure you’re logging into a user with sudo access.

First we need to install Git. We will use Git to clone the Mailpile source from GitHub.

Update Ubuntu’s package lists:

sudo apt-get update

Install Git:

sudo apt-get install git

Now that Git is installed, let’s change our directory to somewhere we can work out of. In this case, we’ll use the /var directory:

cd /var

Clone Mailpile:

sudo git clone https://github.com/mailpile/Mailpile.git

We need the sudo command to allow Git to create a directory inside of /var, which is a system directory. You can later change permission with chmod 777

We’re almost ready to get Mailpile running. Proceed to Step 2 to begin tackling some more requirements.

Step 2 — Configuring Mailpile’s Requirements

In this section we’ll get Mailpile’s requirements installed and configured.

First, let’s install pip. pip is a Python package manager with a few tricks up its sleeve:

sudo apt-get -y install python-pip

pip will allow us to install Mailpile’s requirements more easily. You’ll see how in a minute, but first we need to install a few more things.

Next we need to install lxml. lxml is a Mailpile requirement that would normally be instaled by pip, but I’ve found it to cause the installation to fail for unknown reasons. Because of this, we’ll install it with apt-get:

sudo apt-get install python-lxml

Just a few more packages have to be installed manually, including GnuPG and OpenSSL. These will create a more secure environment for our mail. Some of these will likely be installed by default, but we’ll make sure just in case:

sudo apt-get install gnupg openssl libssl-dev

Now change into Mailpile’s directory:

cd /var/Mailpile

We’re now ready to harness pip’s abilities to install the rest of our requirements.

Mailpile includes a file called requirements.txt, which is basically a list of requirements. pip has the ability to read through this list and automatically install each and every one of them. So let’s do exactly that:

sudo pip install -r /var/Mailpile/requirements.txt

You’re done. All requirements have been installed and Mailpile is ready to use. But before we do, we need to take a few extra steps to tighten our security.

Step 3 — Configuring a Reverse Proxy with Nginx

In this section we’ll configure Nginx as a reverse proxy for Mailpile. This will make Mailpile more secure, allow us to use an SSL certificate, and make it easier to access the webmail client.

With Nginx, instead of accessing Mailpile by visiting https://example.com:33411, you can use https://mailpile.example.com. Let’s get started!

First, we’ll need to have Nginx installed since that’s what’s going to be doing most of the work. So let’s get Nginx before anything else:

sudo apt-get install nginx

Now that Nginx is installed, we can set up the reverse proxy. Let’s edit Nginx’s configuration to tell it to route our subdomain to Mailpile.

We want to delete the original Nginx config file since it’s filled with a bunch of stuff we don’t need. But first, let’s make a backup. First make the directory:

sudo mkdir /home/backup

Now make the backup:

sudo cp -b /etc/nginx/sites-enabled/default /home/backup

Now we are free to delete the file without consequences:

sudo rm /etc/nginx/sites-available/default

Let’s make sure it’s actually gone:

ls /etc/nginx/sites-available/

If you’ve just installed Nginx, the command should return nothing.

Now create a new file:

sudo nvim /etc/nginx/sites-available/default

Now it’s time to configure the reverse proxy. Let’s start with the first part. Add the following to the beginning of the file (we’ll explain what it does in a second):

/etc/nginx/sites-available/default

server {
listen 80;
return 301 https://$host$request_uri;
}

This tells Nginx to redirect the requests it gets to HTTPS. But in reality, it will try to redirect to something that doesn’t exist yet. Let’s create somewhere for it to go:

Note: make sure your certificate and key are located at /etc/nginx/ssl/nginx.crt and /etc/nginx/ssl/nginx.key. Otherwise, update the paths next to ssl_certificate and ssl_certificate_key to match your certificate and key locations.

What we just entered told Nginx to listen on port 443 (the port websites with SSL access, as opposed to port 80), apply our SSL certificate, and turn SSL on. Now we need to actually serve something to this new HTTPS URL we’ve redirected to and enabled SSL on. We’ll do that next.

Conclusion

For more configuration options, run help from the Mailpile command line.

Congratulations, you now have your very own webmail client, Mailpile, running on a Ubuntu VPS. It is fully equipped with SSL and automatically redirects to the HTTPS version of your site. You may now set up your email accounts and manage your contacts, mail, categories, and more with Mailpile’s beautiful interface. Have fun!

Note

I didn’t install the repo version with apache2 integration because I couldn’t make apache work with Mailpile.

I didn’t use LetsEncrypt because I could not integrate the certification process with this configuration for some reason.